Lucene search
K

94877 matches found

Nuclei
Nuclei
added 14 hours ago78 views

DomainMOD 4.13.0 - Cross-Site Scripting

DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...

5.4CVSS6.1AI score0.01331EPSS
Exploits1References2
Nuclei
Nuclei
added 14 hours ago144 views

Oracle Business Intelligence - Path Traversal

Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0 are vulnerable to path traversal in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. id: CVE-2019-2588 info: name: Oracle Business Intelligence - Path...

4.9CVSS6.4AI score0.37099EPSS
Exploits4References5
Nuclei
Nuclei
added 14 hours ago17 views

Blink Router - Command Injection

Blink routers BL-WR9000 V2.4.9 , BL-AC2100AZ3 V1.0.4, BL-X10AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200AT1 v1.0.0, BL-X26AC8 v1.2.8, BLAC450MAE4 v4.0.0 and BL-X26DA3 v1.2.7 were discovered to contain a command injection vulnerability via the bsSetSSIDHide function. id: CVE-2025-45985 info: name: Blin...

9.8CVSS7AI score0.07116EPSS
Exploits1References1
Nuclei
Nuclei
added 14 hours ago66 views

Kyocera Net View Address Book Exposure

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function. id: CVE-2022-1026 info: name: Kyocera Net View Address Book Exposure autho...

8.6CVSS7AI score0.15102EPSS
Exploits5References2
Nuclei
Nuclei
added 14 hours ago16 views

Youzify < 1.2.0 - Unauthenticated SQLi

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection id: CVE-2022-1950 info: name: Youzify 1.2.0 - Unauthenticated SQLi author:...

9.8CVSS7.1AI score0.04278EPSS
Exploits1References1
Nuclei
Nuclei
added 14 hours ago21 views

Chamilo model.ajax.php - SQL Injection

main/inc/ajax/model.ajax.php in Chamilo through 1.11.14 allows SQL Injection via the searchField, filters, or filters2 parameter. id: CVE-2021-34187 info: name: Chamilo model.ajax.php - SQL Injection author: DhiyaneshDK severity: critical description: | main/inc/ajax/model.ajax.php in Chamilo...

9.8CVSS7AI score0.16181EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday116 views

Jordy Meow AI Engine - Unrestricted File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine- ChatGPT Chatbot.This issue affects AI Engine- ChatGPT Chatbot- from n/a through 1.9.98. id: CVE-2023-51409 info: name: Jordy Meow AI Engine - Unrestricted File Upload author: pussycat0x severity: critical...

10CVSS7AI score0.65046EPSS
Exploits4References4
Rockylinux
Rockylinux
added 2026/06/28 12:1 a.m.25 views

pandoc security update

An update is available for pandoc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Pandoc is a markdown/markup conversion tool. The version of pandoc in Rocky...

9.8CVSS7.3AI score0.04192EPSS
Exploits3
Fedora
Fedora
added 2026/06/27 1:12 a.m.6 views

[SECURITY] Fedora 44 Update: nginx-mod-naxsi-1.6-19.fc44

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS7AI score0.03459EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.22 views

PT-2026-51653

Name of the Vulnerable Software and Affected Versions Hoppscotch affected versions not specified Description Four independent weaknesses allow an unauthenticated request to lead to full server compromise. Recommendations At the moment, there is no information about a newer version that contains a...

10CVSS5.9AI score0.0059EPSS
Exploits1References12
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.51 views

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...

7.2CVSS7.1AI score0.83524EPSS
Exploits82Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.27 views

Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability (CVE-2016-8610)

Question Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability CVE-2016-8610 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"Al...

7.5CVSS6.8AI score0.39657EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46953

Vulnerability in the Oracle HRMS UK product of Oracle E-Business Suite component: UK Payroll. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HRMS UK. Successful attacks of...

7.2CVSS0.00339EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.12 views

CVE-2026-35265

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager. Successfu...

8.8CVSS0.00432EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.81 views

OpenEMR < 7.0.1 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.1. id: CVE-2023-2948 info: name: OpenEMR 7.0.1 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr...

8.3CVSS6.9AI score0.96731EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.19 views

PT-2026-49925

Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware component: Generic Unix Connector. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

9.9CVSS5.3AI score0.00402EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/13 12:5 a.m.17 views

valkey security update

An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Valkey is an advanced key-value store. It is often referred to as a data...

8.8CVSS6.8AI score0.02995EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/06/12 8:26 a.m.110 views

Exploit for CVE-2026-49777

CVE-2026-49777 CVE-2026-49777 - ShapedPlugin Product Slider Pr...

10CVSS5.3AI score0.01656EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.16 views

The Human Vulnerabilities and Exploits (HVE) Framework

The cybersecurity community has invested over two decades in building standardized frameworks, the Common Vulnerabilities and Exposures CVE system, the Common Vulnerability Scoring System CVSS, and the Common Weakness Enumeration CWE to identify, classify, and remediate threats to digital...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.13 views

CVE-2026-7879

In Concrete CMS 9.5.0 and below, the submitpassword method in concrete/controllers/singlepage/downloadfile.php allows unauthorized file access since downloading permission-restricted files bypasses the viewfile permission check. Files without passwords can be downloaded and any user who knows a...

6.3CVSS5.5AI score0.00224EPSS
Exploits0References1
Rows per page
Query Builder